Cupertino-based tech giant
has just released a new software update for
and iPad users that brings the operating system to
versions. Unlike the regular software updates, this particular update is a little more important as it comes with fixes for vulnerabilities that Apple notes “may have been actively exploited.”
Under kernel updates, Apple states that “a malicious application may be able to elevate privileges,” and under WebKit updates, it says “a remote attacker may be able to cause arbitrary code execution.” After both statements, the update notes say, “Apple is aware of a report that this issue may have been actively exploited.”
While with these statements Apple has acknowledged the presence of a lapse in the previous version of the operating system, it doesn’t reveal all the details such as how many users have been affected and what the attackers have been using them for.
A report by The Verge further explains that an application being able to elevate privileges means that it could do things it’s not supposed to be able to do, implying that a malicious app could’ve bypassed some of Apple’s security protections. As for the WebKit exploit, the report explains, ”A remote attacker being able to cause arbitrary code execution means an attacker could do things on your phone just from you visiting a website they control.”
In its support document, Apple said additional details would be available soon. The iOS 14.4 and iPadOS 14.4 are available for
6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation).